í«îÛ    ossec-hids-agent-0:3.0.1-5637.el6.art                                               Ž­è          $   >           è            ì           y¾~Qr‰öè·El<ê©   >   ÿÿÿÐ       Ž­è       =  _à   ?     _Ð      d            è           é           ê           ë      (     ì   	   ,     í   	   B     î      À     ï      Ä     ñ      à     ó      ä     ö      ù     ÷      þ     ø   	        ü     ;     ý     Q     þ     W           ^          Ò             .       È   .  	     $   .  
     €   .       8   .       &   .       T   .          .       ó   .       Ý             .       ¼          è          `          ê          4          8          J     (     K     8     T   ’  9     œ   ’  :     6G   ’  >     X     ?     X     B     X     G     X,   .  H     Xä   .  I     Yœ   .  X     YÌ     Y     YÔ     Z     Z      [     Z     \     Z   .  ]     ZÀ   .  ^     ^­     b     _1     d     _©     e     _®     f     _±     l     _³     “     _Ì   C ossec-hids-agent 3.0.1 5637.el6.art       The OSSEC HIDS Client The ossec-hids-agent package contains the agent part of the
OSSEC HIDS. Install this package on every system to be
monitored. [¨í|loggerhead.atomicorp.com     %âØhttp://www.ossec.net AGPL Atomicorp <support@atomicorp.com> System Environment/Daemons http://www.ossec.net/ linux x86_64 if [ $1 = 1 ]; then
	/sbin/chkconfig --add ossec-hids
	/sbin/chkconfig ossec-hids on
fi

echo "TYPE=\"agent\"" >> /etc/ossec-init.conf

if [ ! -f  /var/ossec/etc/ossec.conf ]; then
  ln -sf ossec-agent.conf /var/ossec/etc/ossec.conf
fi

ln -sf /var/ossec/bin/ossec-client.sh /var/ossec/bin/ossec-control

# daemon trickery
ln -sf /var/ossec/bin/client-logcollector  /var/ossec/bin/ossec-logcollector 
ln -sf /var/ossec/bin/client-syscheckd  /var/ossec/bin/ossec-syscheckd 

touch /var/ossec/logs/ossec.log
chown ossec:ossec /var/ossec/logs/ossec.log
chmod 0664 /var/ossec/logs/ossec.log


#/sbin/service ossec-hids restart || : if [ $1 = 0 ]; then
  /sbin/chkconfig ossec-hids off
  /sbin/chkconfig --del ossec-hids

  /sbin/service ossec-hids stop || :

  rm -f /var/ossec/etc/localtime
  rm -f /var/ossec/etc/ossec.conf
  rm -f /var/ossec/bin/ossec-control
  rm -f /var/ossec/bin/ossec-logcollector 
  rm -f /var/ossec/bin/ossec-syscheckd 
fi     K  	Ë  kà ,0 ›À ÐX    Û0  T  ê  =  *A  ‹   n  /å  ŠÞ  4¦  Ò  'R  Šý  ƒ†  ¦  D2  †t  ˆA ¤  ¯R qµ  l5 ˆ‡ ¼ …3  •& ¡&  œ­  >ø  a  Ÿ    '  ¦  á         €íhhhhhhh¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤AhAýAh                                                                                            [¨íp[¨íp[¨ír[¨ír[¨ív[¨íu[¨ív[¨íp[¨ít[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨íp[¨ípc24978cf693777751fd125a7e3053015c8b9302d3d9d7837c7441048435a66f4 21630d0d8054768ffe6cb4463be91bb22a434cf8cecca98ac17506b0cb36b4cb 7a9967e5c9eb4159b140ef7fab3dc75c4409dc9bdb57505d00ee72682aa116b9 a68670d95d793e09e60a429fcbd9939b79b487417bc56240dc5a9c046cef6126 24e6b58f39079d50b8853495dadccfbde988fff8ddd1a8b5af081a88e73fc3b3 c0166a97c6e65013373dccdd50f9c504270d4f4acf9dcf54a21f94393227c8f9 7a4efe9cc038069b340e0345e22ce6700e610417e5fb18833fca25344e057b3b 64883649965e68cd3984a3284bd4c99983197966d02b0205442773fbfd282f86 0276e52a48c657d09d0864b1d89ba66645e2bfe938baa66b2461c7e928f16d5f e7659dd330f2ee319fda88f24947c088a82251b434cf24e4cab723a4d2b0bdc5 31aabae3bfdebd4bb15344d2fde8a4397749d03f291d49c0dddb51fb0a22c5c7 7a5b59db07f51da06c8eaf36f0425a51c9f4b87e52cee3123b7f8d3c069a70db c1030b917aba0bc42b21ebb829eaa3cafb9081d55f533c676bf8708c0376bbeb 7da476d9f782f26360fdf764800c512a016ff028db713dec4226466bb72d5ca8 606d523f646921a6cbb0e8bce30d03072c69186025ba48bb288e580f377876d6 79322c236ceba006a93fa98b2eccfd7c7a8e8950d79ee47ede838ffabd85a9d4 7d8bf39b94dee07d419b1be477492af9c96b286703ef28966fa462049cfb66b9 aa416fbbac58650e86b603e8daeb857179a268fe390cab9e3eaefa5df589db5a d11c6bee007203a88fc95b5d8efd363e8ca85b2563aa0848a612206cb2aed6cd fb91113c7718e1b888c1acb828aa3c1762b81c994604fc3bcc9afa791d685a18 fcead21e9169e3eac8382c19ca68203b0fd420e1c8493c4861c6985acc956388 ff7d84b1bc9e99e5fbfd8863212d641482277f2507f77ca64808d42f13f82e1a f834fb3cc9734c2fb8423703374abff2503ca812c53d1e9d1dcc4f3dd7756337 de661cd1fcdfd7aedc77747ec1ebbbb3c0a4c742235d417f4a7c243bdc79fcee cee436359b8c46705cf53999ee1c0d1c170b9b519a1c2143b7ee7cedc8a5ecd1 2d01fd0b9e5b3ac2dcc10f8e28ca38ff124eb533556ddf8e44c7053fc06b59af f1fe077b0ae542e125c4e6899232639d5da03325be76f352a374594bb8e22f1c 590c23b4d79498c44391c62180558dae05492f57cd335bc943572e63aae70aaa 1df4b00f400fd1b0a8144d51d78e6048c906c2587961362a0a6d2e9163408d73 705f5a7821e50ea431a46af7be478fe6e643dd1d4363fa5780667fc36094c23b 4271355d227fba0da96772ee7f67f7b052df2a70d149e3aff8dd9f647807dd53 5e0fb408fd057de938d8881d2040473c9892b698fbca38d377786e0014f55877 9159967ffcd0e20fc2b30d47a2ca11b44665a4ee3c801c43d0ef4cd96a9261c4 4171d412b3e27779d853387dbcf5b9daf17adf9dc59012d5b9d75f4bbfd8c7d0 64769f6c942f38099c06d78e6f6a3c62666ac1bfb36e35dd8851bbbccf469499 28bd6aa363f94d1f3b138b413b1c558eb2f850968ca8d9b22d29b452beaa68cc 06a0d126959af0d58b01a0f6e983d98e3b27a48046e16cb848b0ba137adfb34e 42adab23d378a6805197a8bcb77d91e061ebdfb6bf1ca4018be88070e2afc18c 48e5400dd103802599776a05739494155f10298cb5b321a8d893f529a1838946 067bdbfaa05b45c727a25e20a17409b06ef0e2db5059456a0abcc2e48581b820 b95ca2bec018f3bca0fe2932ac7ef017b89e1694ebe9e0266496b97e3f168dd3 6739a7000c32d0266a97db6b459701918dd884aefbdd7dbc874f7b4bf531ecbe 30cde09311c089e8c7efd2f18aa0f60fd084549ecb38e2fecc6d84835511a7f7                                                                                                                                                                                                                                       root root root root root root root root root root root root ossec root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root ossec root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root ossec ossec ossec ossec-hids-3.0.1-5637.el6.art.src.rpm  ÿÿÿÜÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿossec-hids-agent ossec-hids-agent(x86-64)                       	   
  
  
  @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   @   
ossec-hids /sbin/chkconfig /sbin/chkconfig /sbin/service /sbin/service /bin/sh /bin/sh rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(CompressedFileNames) /bin/bash /bin/sh libcrypto.so.10()(64bit) libcrypto.so.10(libcrypto.so.10)(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.3)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.7)(64bit) libdl.so.2()(64bit) libGeoIP.so.1()(64bit) libm.so.6()(64bit) libpthread.so.0()(64bit) libpthread.so.0(GLIBC_2.2.5)(64bit) librt.so.1()(64bit) libssl.so.10()(64bit) libssl.so.10(libssl.so.10)(64bit) libz.so.1()(64bit) rpmlib(PayloadIsXz) 0:3.0.1-5637.el6.art       4.6.0-1 4.0-1 3.0.4-1                    5.2-1     ossec-hids-server  4.8.0    XÑÀXœYÀXˆ“@TëÀTš@SêÀS¨ÀS[ÀS©@RðÖ@RËì@RÊšÀR±Ž@R®ë@RrF@RiÀRR¢@QûŸ@QöY@QÄ@@Q­ÖÀQ¬…@Q¬…@Qu&@Qu&@QkëÀQg÷@Q\ÀPõDÀPÅÎÀP¤Ù@P£‡ÀP@OàiÀOß@OÐ—ÀOÐ—ÀOŒ	ÀO„ ÀOpZ@N»¼ÀNS–@NK­@N;Û@N;Û@N6•@N-ZÀNåÀMõûÀMðµÀMìÁ@MäØ@MÞ@ÀMÁ?ÀM®ÊÀM¤>ÀMœUÀM›@MPÀLû~ÀLö8ÀLÎ«ÀLÎ«ÀLÊ·@LÉeÀLµŸ@L¤{ÀL¡ØÀLä@L›A@L—LÀL‡zÀL~@@L|îÀLvW@LmÀLa?@LR¾ÀL4l@LT@KÙtÀKÍ—@K¿ÀK´ŠÀK¨­@K§[ÀK˜Û@K–8@Kò@Kî@Kî@Jø@JÁöÀJÁöÀJ›»@J’€ÀJ‚®ÀJnè@JL¡@JIþ@J2C@J2C@J/ @J&eÀIõž@Ièo@Iã)@Iß4ÀIÜ‘ÀI¯¾ÀI§ÕÀI¦„@Iž›@IŒ&@IŠÔÀI‚ëÀI~÷@Híò@H¾|@Hc„ÀHM@H2½@H)‚ÀGJµ@GAzÀGV@Gm@FÞš@FÁ™@F¹°@F³ÀF®@Fr@Fq-ÀFI ÀF-ñ@EíWÀE®ÀEySÀEIÝÀE
ÀE 	ÀDí”ÀDÇY@D·‡@D®LÀSupport <support@atomicorp.com> - 2.9.0-50 Support <support@atomicorp.com> - 2.9.0-49 Support <support@atomicorp.com> - 2.9.0-48 Support <support@atomicorp.com> - 2.8.1-47 Support <support@atomicorp.com> - 2.8.0-46 Support <support@atomicorp.com> - 2.8.0-45.1 Support <support@atomicorp.com> - 2.8.0-45 Support <support@atomicorp.com> - 2.7.1-44 Support <support@atomicorp.com> - 2.7.1-43 Support <support@atomicorp.com> - 2.7.1-42 Support <support@atomicorp.com> - 2.7.1-41 Support <support@atomicorp.com> - 2.7.1-40 Support <support@atomicorp.com> - 2.7.1-36 Support <support@atomicorp.com> - 2.7.1-35 Support <support@atomicorp.com> - 2.7-34 Support <support@atomicorp.com> - 2.7-33 Support <support@atomicorp.com> - 2.7-32 Support <support@atomicorp.com> - 2.7-31 Support <support@atomicorp.com> - 2.7-30 Support <support@atomicorp.com> - 2.7-29 Support <support@atomicorp.com> - 2.7-28 Support <support@atomicorp.com> - 2.7-27 Support <support@atomicorp.com> - 2.7-26 Support <support@atomicorp.com> - 2.7-25 Support <support@atomicorp.com> - 2.7-24 Support <support@atomicorp.com> - 2.7-23 Support <support@atomicorp.com> - 2.7-22 Support <support@atomicorp.com> - 2.7-21 Support <support@atomicorp.com> - 2.7-20 Support <support@atomicorp.com> - 2.7-19 Support <support@atomicorp.com> - 2.7-17 Support <support@atomicorp.com> - 2.6-16 Support <support@atomicorp.com> - 2.6-15 Support <support@atomicorp.com> - 2.6-14 Support <support@atomicorp.com> - 2.6-13 Support <support@atomicorp.com> - 2.6-12 Support <support@atomicorp.com> - 2.6-11 Support <support@atomicorp.com> - 2.6-10 Support <support@atomicorp.com> - 2.6-9 Support <support@atomicorp.com> - 2.6-8 Support <support@atomicorp.com> - 2.6-7 Support <support@atomicorp.com> - 2.6-6 Support <support@atomicorp.com> - 2.6-5 Support <support@atomicorp.com> - 2.6-4 Support <support@atomicorp.com> - 2.6-3 Support <support@atomicorp.com> - 2.6-2 Support <support@atomicorp.com> - 2.6-1 Support <support@atomicorp.com> - 2.6.0-0.10 Support <support@atomicorp.com> - 2.6.0-0.9 Support <support@atomicorp.com> - 2.6.0-0.8 Support <support@atomicorp.com> - 2.6.0-0.7 Support <support@atomicorp.com> - 2.6.0-0.6 Support <support@atomicorp.com> - 2.6.0-0.5 Support <support@atomicorp.com> - 2.6.0-0.4 Support <support@atomicorp.com> - 2.6.0-0.3 Support <support@atomicorp.com> - 2.6.0-0.1 Support <support@atomicorp.com> - 2.5.1-10 Support <support@atomicorp.com> - 2.5.1-9 Support <support@atomicorp.com> - 2.5.1-8 Support <support@atomicorp.com> - 2.5.1-7 Support <support@atomicorp.com> - 2.5.1-6 Support <support@atomicorp.com> - 2.5.1-5 Support <support@atomicorp.com> - 2.5.1-4 Support <support@atomicorp.com> - 2.5.1-3 Support <support@atomicorp.com> - 2.5.1-2 Support <support@atomicorp.com> - 2.5.1-1 Support <support@atomicorp.com> - 2.5-1 Support <support@atomicorp.com> - 2.5-0.9 Support <support@atomicorp.com> - 2.5-0.8 Support <support@atomicorp.com> - 2.5-0.7 Support <support@atomicorp.com> - 2.5-0.6 Support <support@atomicorp.com> - 2.5-0.1 Support <support@atomicorp.com> - 2.4.1-11.2 Support <support@atomicorp.com> - 2.4.1-11.1 Support <support@atomicorp.com> - 2.4.1-10 Support <support@atomicorp.com> - 2.4.1-9 Support <support@atomicorp.com> - 2.4.1-8 Support <support@atomicorp.com> - 2.4.1-7 Support <support@atomicorp.com> - 2.4.1-6 Support <support@atomicorp.com> - 2.4.1-5 Support <support@atomicorp.com> - 2.4.1-4 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.4.1-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.4-5 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.4-4 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.4-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.4-0.2 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.4-0.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.3-8 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.3-7 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.3-6 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.3-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.2-5 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.2-4 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.2-3 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.2.0.beta2.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.2.0.beta1.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.1.1-5 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.1.1-3 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.1.1-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.1-3 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.1-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-11 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-10 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-9 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-8 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-7 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-6 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-5 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-4 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-2 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0.0-0.090225.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0.0-0.090220.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0.0-0.090206.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 2.0.0-0.090205.1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.99-2 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.99-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.6.1-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.6-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.5.1-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.5-3 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.5-2 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.5-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.4-2 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.4-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.3-4 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.3-3 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.3-2 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.3-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.2-8 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.2-7 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.2-5 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.2-4 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.2-3 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.2-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.1-1 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.0-2 Scott R. Shinn <scott@atomicrocketturtle.com> - 1.0 Scott R. Shinn <scott@atomicrocketturtle.com> peter.pramberger@member.fsf.org peter.pramberger@member.fsf.org peter.pramberger@member.fsf.org peter.pramberger@member.fsf.org peter.pramberger@member.fsf.org peter.pramberger@member.fsf.org peter.pramberger@member.fsf.org - Change labels in alert mail headers to "ASL" - Update to Ossec 2.9.0 Final - Update to Ossec 2.9.0 - Update to 2.8.1. This is identical to 2.8.0-46, the only change is the hosts.deny CVE-2014-5284 is merged in. - Revert BR#1596
- Add Bugfix for hosts.deny race condition (CVE-2014-5284) - BR #1596, Add fork limiting patch (max 10) for execd to prevent DoS conditions - Upgrade to 2.8.0 - Feature Request #1512,  speed up shuns in execd, move sqlite down - Relink against native mysql - Add ar-tracking active response - Placeholder for null exclusion rules.  Legacy support - ASL 4 version with new database format - Add support for Fedora 20
- Modify optimization flags for FORTIFY - Update to 2.7.1
- Add independent rules.d/decoders.d ossec-rules package - FR#772, add rule 3360 for postfix slow brute force
-   add dovecot-decoder.patch for cpanel dovecot
-   Update 9702, 9753 for dovecot brute force
- FR#773, add rule 11308 for pure-ftp slow brute force
- FR#1347, Update for courier v4 decoder (pop3s)
- FR#1359, Update horde decoder for v5 - Disable ossec-dbd signature table (replaced by aslw_rules). This was very slow - Break ossec-dbd into separate package
- FR#1321, update courier-imap decoder for version 4.0 - Bugfix #XXX, prevent truncating last character on ossec-dbd database inserts on the alerts/data table - Add tld column to alert table w/ index - Deprecate internal id generation in dbd
- update schema to autoincrement, increase id space to int - Add is_hidden to mysql schema - Add if exists to mysql schema - Add os_dbd-mysql-replace-query.patch to consolidate SELECT/UPDATE into REPLACE sql - Consolidate alert & data into a common table
- Add ossec-authd init script - Add sqldelete command  to execd
- Update to clear sqlite db at startup - More minor updates to GeoIP tracking - Minor update to GeoIP tracking - Bugfix on permissions for files in shared/ directory for client installs
- Add GeoIP support
- Remove dependency on perl-DBD-SQLite
- Update asl-shun to new non-perl based version.
- Deprecate firewall-drop-update.patch
- Add sqlite support to execd (/var/ossec/var/execd.sqlite) - Update to 2.7 final - Feature Request #XXX, revert duplicate detection in log events to help detect extremely fast brute force attacks
- Add FORTIFY_SOURCE, PIE, and relro (full) - Update to 2.7-rc2 - Update to 2.7-rc1 - Move active response components under the common package - bugfix #xxx, correct ownership permissions on fts dir - Update to init script to suppress spurious execd output
- Add alerts queue to server package with ossec/ossec permissions - Bugfix #XXX, correct any/agentd condition - Moved agentless packages under server - Drop timeid and cat_id indexes from schema - Add new index, timeid to alerts table. - Add cmoraes patch, Adds config options for enabling/disabling rootkit/syscheck options, and agent config profiles
- Add ossec-memleaks patch
- Add agentless directories, and agent.conf
- Bugfix #XXX, ossec-hids.init will now return an exit code on status - Add prelink_cmd support - Bugfix #XXX, display multi-line events in data table correcty - Update to asl-shun.pl purge event to default to 24 hours. - Update to asl-shun.pl to change ordering of block rules
- Revert from 0805 snapshot - Update to 0805 snapshot - Update to 0801 snapshot
- Update asl-shun.pl to log to active-responses.log, blocks now go to the named chain ASL-ACTIVE-RESPONSE, and delete events are more redundant. - Update to OSSEC 2.6 Final - Update to snapshot 110711 - Update to snapshot 110613 - Update to snapshot 110609 - Update to snapshot 110606
- Moved ossecr user creation event to the ossec-hids core package - Update to snapshot 110531 - Update to snapshot 110526 - Update to snapshot 110504 - Bugfix #536, Increase the default sleep time for syscheck - Renamed to 2.6 branch - Add support for the rules/decoders dir system - Update to snapsot 110405
- Update asl-shun to support ossec alert ids - Changed asl-shun sqlite database to /var/ossec/var/blocklist3.sqlite
- asl-shun database format now stores the full alertid - Update to snapshot 101203 - Update to snapshot 101125 - Added alertid support to os_dbd, this involves a schema update - Added dst ip, src prt, and dst prt capture support to os_dbd - Bugfix #XXX, manage_agents was built in client mode for the server package. - Add clamav decoder & ruleset - Update to 2.5.1 final - Update to 2.5 final - Update to 0928 snapshot - Extended no_ar into ossec-dbd - Add no_ar option to disable active response per rule - Update to snapshot 100920 - Update snapshot to 100907 - Snapshot 100901 - Added test fix for os_dbd - Bugfix #376, ossec-control will now properly stop and reload - Update to 0809 snapshot - Relink against native mysql - Add minicon decoder from les fenison - Update to 100707 snapshot
- Feature Request #371, add ossec.log to logrotate - Updated to 100615 snapshot - Updated init and ossec-server scripts to support the new reload feature. - Update to 2.4.1 - Added zabbix reporting active response - Update to 2.4 final
- Lowered courier rule 3910 (failures) from 6 over 240 to 10 over 10
- Lowered courier rule 3911 (success) from 10 over 60 to 30 over 20 - Rebuilt for atomic repo - Update to CVS 100317 - Update to CVS 100311
- Add decoder for denyhosts
- Update asl_rules.xml to include denyhosts rules - Update to CVS 100309 - Added new decoder for smtp_auth
- Added rules to detect smtp_auth brute force attempts
- Added rules to detect imap/pop brute force attempts - Updated ossec-server.conf to be in parity with the ASL config
- Added templates dir for generating configs - Update to 2.3 release - Update to snapshot 091109 - Update to snapshot 091008 - Update to snapshot 090925
- Added timestamp field to the mysql schema
- Bugfix #XXX, for the ossec-client.init script to call the correct (renamed) ossec syscheckd/logcollector daemons
- Appologies for not updating the previous changelogs. Missed a few updates! - Update to snapshot 090827
- Feature Request #225, Added logrotate event to active-response log
- Updated system_audit_rcl.txt to look for the correct php.ini file - Update to 090824, beta 1 release - Update to 090812 snapshot - Rebuild agent daemons with -DCLIENT, added symlink trickery - update to 2.1.1 - update to 090630 snapshot, this has fixes for CentOS/RHEL 4 64-bit environments - update to 2.1 final - update to snapshot 090612 - update to snapshot 090610 - update to snapshot 090603 - Disable postgresql support, to get around an undesirable dependency on EL4 - Update to snapshot 090417 - Update to snapshot 090413 (this adds in inotify support) - Update to snapshot 090410 (this adds in inotify support) - Update to snapshot 090408 - Added authpsa rules back in, this is used to detect brute force attacks
- Added conditional building support for ASL modifications - Update to 2.0 official release - update to snapshot 090225 - update to snapshot 090220 - update to snapshot 090206 - update to snapshot 090205 - update to CVS code 090129, this is not an offical release. Its for testing only - update to CVS code 090126, this is not an offical release. Its for testing only - update to 1.6.1 - update to 1.6 - update to 1.5.1 - added mysql support - Added Stanislaw Polak's excellent ban-hackers script to manage shunning more intelligently. - update to 1.5 - fix on active-response locking bug that prevented some rules from expiring. - update to ossec 1.4 - update snapshot to ossec-hids-071011.tar.gz
- relinked C4, FC4, FC5 against mysql4 - update to snapshot ossec-hids-071006.tar.gz - update to shun blocklist tracking used by ASL
- added authpsa rules + decoder - update to 1.3 - minor adjustment in post, to check for config file before overwriting it - v6 was first version of the patch.
- added in logging in active-response for better ASL support
- Disabled conf event in post, to keep from overwriting config files. - changed permissions on queue/syscheck so it can be read by the ossec group (tweak for web gui) - removed the noreplace settings from decoder and the rules
- patch for a more ASL friendly client config - release -2 had a bug. 
- added ASL rules (asl_rules.xml)
- added decoder for the asl style modsecurity logging
- adjusted syslog_rules for qmail-scanner issue (BUG #ASL-18)
- Added http index in asl_rules.xml (BUG #ASL-7) - update to 1.2 - update to 1.1 - configuration change for ASL - updated to 1.0 - import into ART
- changed their naming conventions a bit, 0.9-3 to 0.9.3. Please dont be cross with me. - new version (0.9-3) - new version (0.9-2) - new version (0.9-1a) - new version (0.9-1) - new version (0.9) - some bugfixes - created /bin/sh /bin/sh ossec-hids-client                                                                                                                                                                         	   
                                                                      !   "   #   $   %   &   '   (   )   *   +   ,   -   .                                                      0:3.0.1-5637.el6.art 0:3.0.1-5637.el6.art                                                                                                                                                      ossec-init.conf ossec-hids agent-auth client-logcollector client-syscheckd manage_agent ossec-agentd ossec-client.sh ossec-execd internal_options.conf ossec-agent.conf ossec.conf.sample agent.conf acsc_office2016_rcl.txt cis_apache2224_rcl.txt cis_debian_linux_rcl.txt cis_debianlinux7-8_L1_rcl.txt cis_debianlinux7-8_L2_rcl.txt cis_mysql5-6_community_rcl.txt cis_mysql5-6_enterprise_rcl.txt cis_rhel5_linux_rcl.txt cis_rhel6_linux_rcl.txt cis_rhel7_linux_rcl.txt cis_rhel_linux_rcl.txt cis_sles11_linux_rcl.txt cis_sles12_linux_rcl.txt cis_win10_enterprise_L1_rcl.txt cis_win10_enterprise_L2_rcl.txt cis_win2012r2_domainL1_rcl.txt cis_win2012r2_domainL2_rcl.txt cis_win2012r2_memberL1_rcl.txt cis_win2012r2_memberL2_rcl.txt cis_win2016_domainL1_rcl.txt cis_win2016_domainL2_rcl.txt cis_win2016_memberL1_rcl.txt cis_win2016_memberL2_rcl.txt rootkit_files.txt rootkit_trojans.txt system_audit_rcl.txt system_audit_ssh.txt win_applications_rcl.txt win_audit_rcl.txt win_malware_rcl.txt alerts rids syscheck /etc/ /etc/rc.d/init.d/ /var/ossec/bin/ /var/ossec/etc/ /var/ossec/etc/shared/ /var/ossec/ossec-agent/etc/shared/ /var/ossec/queue/ -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic drpm xz 2 x86_64-redhat-linux-gnu        ?   ÿÿü0   ý7zXZ  
áû¡ !   #¸‡,à8ké] "ÌkÀ%¥§lìÓ¥{ËØlså&ï²›Í:QÏ+‰™]`Ó»&Z/Šá-»wR£%£fp«ÑL1ìŠOµÿàî;tO˜]Xdu3w¤èÉkdV	ÿµ…,Z %ŒÊc€Û):$QN¼]á¢ß‰! a"DÙÎÑº›	5‹éK"Øäex<Ÿ/©Ù´–4	!­G<ÂcY‹uP˜¹Ó„—À˜Ø¤ãl‰åDQó¿H2+±LèíÒ}·€Ÿ˜åY²šb.XGR7ýø‚^Í¨yfY7‹¡ã-Jö¸ÎÂo80àÏè‹SåßLÅKŠ¹…ˆ
@Ç¶JHª>’~³vmE
±™721Äšs9¬‹Êí§x¤ÞÉ³”’ƒ¡!'Ù“ê$§Íð‰º¹A¸‚põšÝÓM—ßŠHË(pŽd>¯¦JáN 0}ºM¸‚¡	è¼‡<_3$ÌÅYXöƒÐ˜<¥µQqd/EçGŒ¬¡¼·å$õÀN
 L«	,6úS­ˆÞ8ÛÇÜ)¤ùK¡8xÀ­ÂT&ñm?,7.šÿ%ï–œá2€Ò[—LL”úMü½;,/{?üãúaö\Aúmó®«Û\¥TFUî¯Xš¾?n¼ìhp‰1-W\³sé±´ù9N–ŸÉ\:ÌÀ=oß`FÛVÄCÃS¶UŒ'Úé.–¹f>× d²=±ÉË«×4Á“Mµo«s.˜¼¤RT“5ó#y\6ÞX[ö8‡YÌªa?BÅ–û Vƒ·@2n
Qˆ«¬xãçÉó6ç>9ßK¶Z÷¤Ç¹ëUÎê<Z¹äD¹ßoˆ÷S› qøÛ÷Üuèwè_êÙUÕËíG­°ÓÎ–‘éN•ŸŠ˜»,3*Ÿ³ÿÀ`Ræàj%)ß‹±;eyé)®«IÌ°p=¢Æ0µh¼® m¯ÊWž­©S²IY…%ð·SN{yè­œB¼BTgYê|s£âG¤‚é/ÞEM3WJê¯j±êú°°·/õú1Íá^ùóg¤oŠ¸žo$ ÄÖé˜
ôÇ+b!=£)'zÔªè¨ÜéZ™qÇ†L‹AïJ¸kïjà<ümé"·ÅúP	êfä£ã}¸Ë¯«…D`¤åÃ3+k˜apiÈµÑ¥r¤”K'þ;6Ø ¥ð½ÆÐ¬A‡Qþîð¶ÐHËfÎ”» å‹'ÒT­ÎT‘ÍœŸ@—÷€'­»&/:L‡Ÿù’œo WÉåûËbXê[Ž5àÚM.®—-EØåhò”ß	Ï–=SÐŒ£]ZÊ×zl;€,=¿‰žVRí^
…îUØõÝ’ •eàŠµ‘@œžˆ¥Ö_p}íØ]ŠÔWq~Tªg²“vO˜®’gÞü÷»¡’7–ŸìŠ á ;Lf®hjÞN—ëzùá‹0È4XÃ³Ü§/î>!n½ðz§jx©&ÄVÿé¸×ø~8¯ê
Ò\W¡ß¦¤Ë*ó‘QJªš`/…`Có>þSÑ“÷A¬'‰)¨AíaÔÔ-'Nz;qš.ÏøòŽ¼±)ý»aÖ	)^|
~õÉ’•e¡ù‰ê4¬r¨ý ´ìmuÁÖ€IfÑ’2YŠÚÐ¼¯$çÓ«"¶×Ô>žM¤A\Ft^µBPÏ#ü•)tƒ	Ê¤™LƒbéãïÒŸ‚¹Ž}Ô_O{gñ4<uËxE½–e#‹0¿~[77ì»ë0b–ÞD>í[4ö-Þ~×ËæRþ½ð3¨Û½­Éz‹TDÓ™gÝÜÝ=ÒÖ?P0•RšÏD²°vìôTXÐ"fÏÀ%6¬\ú+ë¯ôÓyuyÐ¹y»‡9«ŸªLÎ™·G Û+}­yï—›Äâ€€îo³+³ö^ÚÉ^™ŠülfT,Ý·! ­F«õb§áõ “Æ·ãÚ(¶$WX_aÓVy¦à¶ÿGç¹?‚ø5×’3ÒIè±b?bÆM)Q‰2D&iô€—mj-Øá€¨0ëµFÒ!äDwÞ§”ÈqØjTÝ@ýBÜEðhÑp›ƒ}z+9ÊÚEÃ•†FÁ—cYÆ5B“vÜžI½KðTêƒ>A\G(Rähzƒ–øZ¼¿ž`æ™8FÊýÉN8	¢ì]´NgèEµ#…Æ/´–R,P†Í=¿úpÉMÅèÊÕ±Ù±Á'n¶eº¬RçtÂV/òÒ!ôûäU‹*‘>V…S@€×úrÈfTg6¯ók°{>¾=øÀÃrÓ%±Lzò6ÈXuqá´?ŠùÇux#Hü•žåa çã >|™ˆ<ÐpZý&ÞÔI­\»¨¦^Vzlýè}QªX M¼ÄÒIéD¨44¢Î0ÍÍf„}°ç»}Qv|$}  P”fió2C˜7fU[¸òEB±Ÿ ¸0Y¼§VY÷îGtæÃ'@®–¨—øú]=_ÍbS±ËKóòå¼°ž­Ö!.vÛÄýï†l°
ûN©`'ŽâÍð5*Íçhžf¶[3Þ».² iZ2ke©Ù¡.Ï1ÜY/ƒ§ÞÎ»2 òD¤wÛIàÔ²kl$‡ïhÂcäZ¬¦“Óô¾dLLÒÄGÚ?L†ÿÿÄGòeG~s[ØhúXðp%\*¥3•@9½IßˆÀIÚn.gyË³gsŸbRÖ2Ýó²e9Fß•=ÙÝq£"Õ–íõ7Ì\,vÍ‚…Û½œ€Ï:'ºð¾ªÖ˜¡~þò†‰«²ûÄWË7 h²’R²êcè¼nöÉïl[¾TÃG_Z/7ãtÆ˜¸•öÛÏâk^(âØš—©ÚÓ= º7Qw5æ\nPQP_‹5GºI©žV~u Qœ—²µ`/Š^A·01:÷xÑªyàVàÂ,±Ïˆ¹—U·½œªÌ)ÚÓ˜’EPTcHFþ¥†Aíœ_.ø6è—šxþê†ÈZÞöN ¿{©c2(hCI7"àˆ¸uôì÷„ºDî"úÁJ@v²êä¿ù„¨9.…—WØG´÷yŽàd!Ù¦£J(Ò±;7J£Ç…ÒTê]¥cÆÄSªáÕÚntQ«mÂÙŠUÌ&ü\ŒU˜uçO¡'[ÈŠ°`)¼F¦ê¬”¸¼(!ïªî,^{|3h;pÃ¾â‚‘pž~ qw"õ
™MlaÃ”{åÌ	y°ËBÝÅÑÐÈ±ˆ¹	é‘i…[š›0E¦Ò%9,!Ë"äÄœ…ƒÄ(p´úÈéª@½OüwÌFõ<ÿÒSiƒ#›œ'{3¾“¥;uŸ…ë°MVŸGc¹Â.ðMVrŸ¥çNFM fMY°ÿC¿ÍŠ¿ù9×øÇçš"¦Ø× `rc£ þã¬‚õr7v ”¶Î•"õC“‹N7ïOü|žúùBRS'GŽO
ôÓÕ=ºF±§Ào˜îÑ\+´h1$÷Äß{4â\¹swí°ÛÂ‹Ðôf‰u†×Ü'E]Åˆ:P´…FB[³%%‡ïû/ˆÎQ\6~,±ƒÏŠš÷u¢ÔN†	'‡âJ"t29]ùJþî›/£JC³ªGR¶9”+&¾%ciä¦ºeÊÅû±}!éþ¼¶*;:„jª ¸j\J5Ó-”^×å7Û}‹üìôAyÏ*ìØ×‰‘B÷(÷gÝë»Ux-ütù”ë×áÝÞqpÏwUæ_å¾Ôy@¼‹˜;‡‘ p0£ŒõPy¦hÆÔRE¦ÐQ;¶Ša@(w¹1‹´¨3ŠÍ}Ø+Â¦µpé-´ø´‚—MÊ‹êØ3á¦v5 =ñIKJ|—Yåù=]Då–á«¨osö]N}ÜOÞ|”J‰kÁ†A¿™ƒ÷#­‰>É-nYýßc€VÀ+íUP	Ñ>½)Qzg7I9Àw›|×0Þ<æêÔ²Ó¤.êŸÿ¼¹¼Ž6¾Wkäìè{ÎiòÜ.6Ö˜Nl=	·Ì‰ÖVze^‰ÍB6•­)ÑFN=é÷a|¼ž9Ë!eås×N-Ž¹eÆÞ*¨­< ãƒ¸òŒGšnè6B€*ï£`+ìù{úÆÇ‚ŽEU\Zç-¼~>9¸Eej­¨JÎØ\ Â³l¢æg>cðÒ4«ÆŠwŒÝ+•§†’a[P‹ƒ®*AG‰ã,éJ¹ôn©„‰ÊÎLnªì*ûÁDZ¡—×3ÔfŽM‡ô
ðI¤#›/ÞÁUn§¤Ž¥·F›ßîv4VÕ‡ åŽ*7öŠ’c>
¢@3ñÛrðŒæèDõ–'ø'|•¢©qŽ½_ôÑ£t¡½˜ÛÇb]#Çöü€ŽYoÖ%üKˆ!ãq§|XvØ\`¡s)÷@4&‰°Ïm])B±Ì”IªØ«%–æh4ë“éà½±.šßEåvã4UÉY4`—¢Èåÿ]’7YJsÓ+·}€Z%«ˆ0Ö9<ª‚üØsSó¼Ð®|@/˜®d©R|ëÕeÓ†°>(å‘Ó5ñ«Öâ2Æ;
 «cž,)¦> „4¡Zµu]Ú´`ÿ\µ¹L7¥ËÎ·Ñ5÷"–ˆÕ^‡6À<;ÕÆÀ£ÅEÀ¸]NLØ“î¯˜—fy¨©KmhcÛ>H^F/Öf¢9ÝbÒ|Á
ÜpX
4]eúk‰ÆÇß“è§•ž¬‚g¤ÛC¦E/D¶J-DñÆC¦f´9mÒÿYh“.-4wúbú`‰~wJ®1´ZÕ·f78-ûQÐ°ÏÀŒF>xBNáÆ´é¿ô?RHA¦0hœlŠÞ¢l]£›*ê	z<hC7¦š®¬ë‡†-‹þ¢µ¹0Ë€²ñG‹ïB4O;FNŽ½ó³µfT,]f€J«•Ž9ßÛdè‘æYw”Cn^£ *'=ýeíëx2è ErÖ›ç™3S¤R ñªxªÆ€r©ö¡l»ÂNâo]¥n´IS»b„ù¨.1IpD4PÚ¹#œ 	 ¯z|Å3A­ô*¤Á@î$%ÂÙ·Q%b‚‚+ý.Õ#2&è¤•§5i•<²ZšØ‰’1äú¿”‹HVžþ<íþÎi–»ÅÊ.šeºø°ä÷&U³XzVg“.‰½ËN ãÅšë¯Zç2ð!—(*UýÞ¹ß:d= hDn [ÐL3|vHù–¶Qh	‹CËš”7šoA0çÏÌu(’úÐ¨ëuŸûa›~ä,¼î˜Êž™å§lù`2ò4‘²Vœ&ÁÅÛ[€å~•ìÛZ0˜úFTtGÝ½*#¿6ú»ìV`W’á>}Ô#RéñšP²lÃä4¨èe”%Ç:SÌ ª—âFSâLÄÀh7j ßÕî»iô'›‡7]¥¿|?›OËÖNBCLú\•ƒ>Ëà]– E,<ÿhê€ÝQ‰Êîƒ›xV•CF¯z:éÓÒÔÒƒ%4Œœ`”Ñ*¦¦QÓ)X0LØ›þ‚ó!VR^L'ÞàªÓÅÄD!?÷´_ž}P4'aÚYRâéµJ¡	ÞbÝn%v–ŽkÝx¶„óå:?àP3úJk™a\(W:î\©Ñ­±µ\-|9.ÊªÇˆ-]å…JñÉ§Å¸vW×âz‘eß<në<ÍRhr’y=_9I¢K’[¼°±oz›ðeÚ¨g©6.úVS¥%ð7ÈÖw#@‚J¨µOà3#×Œ¡VU-46c'}¸òõÙ¸ÞÑ fEöÅâ6¿«Øq]ÒƒA¢ðv‘sSK[ù‘r@x$ºŒLöf“þ‡)¼‹MÛ £lµP)È˜ƒ~‡:ë’Ãý»ïëôwsp
@×LÞÞ=uöFƒ.HìD{rÈÅ5z²¡›öIb÷¿hðß1uËÁÁç'ø‘˜ÄšjÃÐ½VgìžiløàQÀ¬ZÛ€Bãë¨íÀ?cÇŽ=|TÔò+a’Kl›N3‚àÁÆ³6Èr¹D‹#×mÙçÏ´èí^ï]I:É2‚c¶À­×S¡aÑä¾c#ò/ó¯FYé	‡’·TqƒÕ%åqxý9ýI!bTÅøUúhÚš9èÓ@’2Z7àwÇ$l>üîc‹ÅÚx„DxeKT¾ß)V¸¹h‘€¨ST
]yT§ç†L„¿ÓÏiÛgeX1P|Æéœ›vlèHQtì>ÓìÓƒÁ`¤®qõR˜áSös†þ(~Èfç]SÊpG Ý¸08¾çðf%„jšKòÃ`²'I>%˜œÅÛ+……”½Ds€qMó*Á˜$9Ømp*‚;R ¼6s/`ò _œØ_ýÓ~¨Å–€9|ŸÅ,(@vAÆ†‡,ì¥»f˜ˆç.‰„AÅžºYò#58æž
Í™ 5}3·)ÞñwS_ óq”¥M}ßH“ˆàGPä­s>GŽ6è(ŸEÊ>£²ÀL¤°%›÷àG3 Øºk>@¶YOÿ‰(`Õð´;Î„ØDu b Ž›¡ÿÿîQ#Ÿ|Gâ_šíŒUÓvÖÑ¿8ê’ i<n¸µ²§€ŽR7a{×1"ú¼~¹(üÇmòF¾y’_ç¶$³'Ù•BH¿P1*RxQ»þ;}}iØVj„Çsç²‡dÅJ‡„ ]Ý·`}ÆÂÆ99wO‡|'™gswî£?¿—h³ÿ­÷Gw9Ï%8ˆbwx*:·ÞüÇ¾<½cÛzgïýIÕeMV0W—Š¢Ždê0ùÿù2dfI¿¶9ÙŸqæ:C„ìŠ£¡"‘?ò¾(û‰§»;P­¡DQM\RÍdô» ÁåÕ hfHU,'ã	sIÖÖûóI…ë¼´.ú¾üÀ{Y\Å .Ñuþûàñõ\›¤®Œx¬zuEYwûÂ”m™/ÝëÆO§?íÉxÀs©#ÓÂô›Š›ÅN;ŠT\ÖÌJKm™ÊûÏ˜¯¶[UGmºR!\N¡ù³dÀÀRè„Üµa U1! õŒï8þûK²õˆjú…¡NÒÇJ0H     Šfn;ZìÇ'„ÒÑížõ.JPéM€žÝîùŠ *ìp  5p„!¶éß    
YZ